-
CVSS Score
-Basic Information
CVE ID
-
GHSA ID
-
EPSS Score
-
CWE
-
Published
-
Updated
-
KEV Status
-
Technology
-
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AI
PythonPythonMiggo AIRoot Cause AnalysisThe vulnerability description and GitHub issue explicitly point to the OFPBucket parser implementation. The code snippet shows a while loop in the parser method that uses action.len for iteration without validation. Zero-length actions would stall loop progression, matching the described infinite loop behavior. The file path is confirmed by the referenced code location in the GitHub issue (#194).
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| ryu | pip | <= 4.34 |
Ongoing coverage of React2Shell